aboutsummaryrefslogtreecommitdiffstats
path: root/Library/Homebrew
diff options
context:
space:
mode:
Diffstat (limited to 'Library/Homebrew')
-rw-r--r--Library/Homebrew/extend/ENV.rb4
-rw-r--r--Library/Homebrew/test/ENV_spec.rb14
2 files changed, 16 insertions, 2 deletions
diff --git a/Library/Homebrew/extend/ENV.rb b/Library/Homebrew/extend/ENV.rb
index 374be49b9..002220764 100644
--- a/Library/Homebrew/extend/ENV.rb
+++ b/Library/Homebrew/extend/ENV.rb
@@ -28,9 +28,9 @@ module EnvActivation
end
def clear_sensitive_environment!
- ENV.each_key do |key|
+ each_key do |key|
next unless /(cookie|key|token|password)/i =~ key
- ENV.delete key
+ delete key
end
end
end
diff --git a/Library/Homebrew/test/ENV_spec.rb b/Library/Homebrew/test/ENV_spec.rb
index 07f6cdb6b..8b39e52d7 100644
--- a/Library/Homebrew/test/ENV_spec.rb
+++ b/Library/Homebrew/test/ENV_spec.rb
@@ -141,6 +141,20 @@ shared_examples EnvActivation do
expect(subject["MAKEFLAGS"]).to eq("-j4")
end
+
+ describe "#clear_sensitive_environment!" do
+ it "removes sensitive environment variables" do
+ subject["SECRET_TOKEN"] = "password"
+ subject.clear_sensitive_environment!
+ expect(subject).not_to include("SECRET_TOKEN")
+ end
+
+ it "leaves non-sensitive environment variables alone" do
+ subject["FOO"] = "bar"
+ subject.clear_sensitive_environment!
+ expect(subject["FOO"]).to eq "bar"
+ end
+ end
end
describe Stdenv do
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-01 16:22:33 +0000